Security News

Windows kernel bug now exploited in attacks to gain SYSTEM privileges
2024-12-16 19:50

CISA has warned U.S. federal agencies to secure their systems against ongoing attacks targeting a high-severity Windows kernel vulnerability. [...]

Researchers Discover "Bootkitty" – First UEFI Bootkit Targeting Linux Kernels
2024-11-27 16:05

Cybersecurity researchers have shed light on what has been described as the first Unified Extensible Firmware Interface (UEFI) bootkit designed for Linux systems. Dubbed Bootkitty by its creators...

Microsoft plans to boot security vendors out of the Windows kernel
2024-11-19 18:43

Microsoft has announced the Windows Resiliency Initiative, aimed at avoiding a repeat of the prolonged worldwide IT outage caused by a buggy CrowdStrike update that took down millions of Windows...

OpenPaX: Open-source kernel patch that mitigates memory safety errors
2024-11-01 05:00

OpenPaX is an open-source kernel patch that mitigates common memory safety errors, re-hardening systems against application-level memory safety attacks using a simple Linux kernel patch. It’s...

Researchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows Kernel
2024-10-28 05:29

A new attack technique could be used to bypass Microsoft's Driver Signature Enforcement (DSE) on fully patched Windows systems, leading to operating system (OS) downgrade attacks. "This bypass...

New Windows Driver Signature bypass allows kernel rootkit installs
2024-10-26 12:28

Attackers can downgrade Windows kernel components to bypass security features such as Driver Signature Enforcement and deploy rootkits on fully patched systems. [...]

OilRig Exploits Windows Kernel Flaw in Espionage Campaign Targeting UAE and Gulf
2024-10-13 09:40

The Iranian threat actor known as OilRig has been observed exploiting a now-patched privilege escalation flaw impacting the Windows Kernel as part of a cyber espionage campaign targeting the...

New Linux Kernel Exploit Technique 'SLUBStick' Discovered by Researchers
2024-08-07 14:10

Cybersecurity researchers have shed light on a novel Linux kernel exploitation technique dubbed SLUBStick that could be exploited to elevate a limited heap vulnerability to an arbitrary memory...

Google splats device-hijacking exploited-in-the-wild Android kernel bug among others
2024-08-06 18:23

Google released 46 fixes for Android in its August security patch batch, including one for a Linux kernel flaw in the mobile OS that can lead to remote code execution. While Google never provides much detail in its monthly patch bulletins about how Android flaws are being abused in the wild, it does note that "There are indications that CVE-2024-36971 may be under limited, targeted exploitation."

Google Patches New Android Kernel Vulnerability Exploited in the Wild
2024-08-06 06:12

Google has addressed a high-severity security flaw impacting the Android kernel that has been actively exploited in the wild. That said, Clement Lecigne of Google's Threat Analysis Group has been credited with reporting the flaw, suggesting that it's likely being exploited by commercial spyware vendors to infiltrate Android devices in narrowly targeted attacks.